351 matches found
CVE-2005-3732
The Internet Key Exchange version 1 IKEv1 implementation isakmpagg.c in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service null dereference and crash via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for...
CVE-2005-3732
CVE-2005-3732 affects the IKEv1 racoon implementation in ipsec-tools (isakmp_agg.c) prior to version 0.6.3, when running in aggressive mode. A remote attacker can trigger a denial-of-service via a crafted IKE packet that dereferences a NULL pointer. Public advisories from Red Hat/CentOS (RHSA-200...
CVE-2005-3732
Removed by vendor...
Fedora Core 3 : ipsec-tools-0.5-2.fc3 (2005-217)
This update fixes a potential DoS in parsing ISAKMP headers in racoon. CVE-2005-0398 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora Core 2 : ipsec-tools-0.5-2.fc2 (2005-216)
This update fixes a potential DoS in parsing ISAKMP headers in racoon. CVE-2005-0398 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
USN-107-1: racoon vulnerability
Sebastian Krahmer discovered a Denial of Service vulnerability in the racoon daemon. By sending specially crafted ISAKMP packets, a remote attacker could trigger a buffer overflow which caused racoon to crash. This update does not introduce any source code changes affecting the ipsec-tools packag...
Mandrake Linux Security Advisory : ipsec-tools (MDKSA-2005:062)
A bug was discovered in the way that the racoon daemon handled incoming ISAKMP requests. It is possible that an attacker could crash the racoon daemon by sending a specially crafted ISAKMP packet. The updated packages have been patched to correct these issues. %NASLMINLEVEL 70300 C Tenable Networ...
SUSE-SA:2005:020: ipsec-tools
The remote host is missing the patch for the advisory SUSE-SA:2005:020 ipsec-tools. Racoon is a ISAKMP key management daemon used in IPsec setups. Sebastian Krahmer of the SUSE Security Team audited the daemon and found that it handles certain ISAKMP messages in a slightly wrong way, so that remo...
GLSA-200503-33 : IPsec-Tools: racoon Denial of Service
The remote host is affected by the vulnerability described in GLSA-200503-33 IPsec-Tools: racoon Denial of Service Sebastian Krahmer has reported a potential remote Denial of Service vulnerability in the ISAKMP header parsing code of racoon. Impact : An attacker could possibly cause a Denial of...
CVE-2005-0398
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service crash via malformed ISAKMP packets...
CVE-2005-0398
CVE-2005-0398 affects the racoon daemon in ipsec-tools prior to 0.5. A remote attacker can send malformed ISAKMP packets that trigger a crash, causing a denial of service. The issue is documented in multiple advisories (e.g., Fedora, Ubuntu USN-107-1, Gentoo GLSA) and Red Hat/FreeBSD/OpenVAS entr...
CVE-2005-0398
Removed by vendor...
IPsec-Tools: racoon Denial of service
Background IPsec-Tools is a port of KAME's implementation of the IPsec utilities. It contains a collection of network monitoring tools, including racoon, ping, and ping6. Description Sebastian Krahmer has reported a potential remote Denial of Service vulnerability in the ISAKMP header parsing cod...
RHEL 4 : ipsec-tools (RHSA-2005:232)
The remote Redhat Enterprise Linux 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2005:232 advisory. The ipsec-tools package is used in conjunction with the IPsec functionality in the linux kernel. The ipsec-tools package includes: - setkey, a program...
Moderate: Red Hat Security Advisory: ipsec-tools security update
An updated ipsec-tools package that fixes a bug in parsing of ISAKMP headers is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec functionality in the linux kernel. The...
security flaw
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service crash via malformed ISAKMP packets...
CVE-2005-0398
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service crash via malformed ISAKMP packets...
GLSA-200406-17 : IPsec-Tools: authentication bug in racoon
The remote host is affected by the vulnerability described in GLSA-200406-17 IPsec-Tools: authentication bug in racoon The KAME IKE daemon racoon is used to authenticate peers during Phase 1 when using either preshared keys, GSS-API, or RSA signatures. When using RSA signatures racoon validates t...
GLSA-200404-05 : ipsec-tools contains an X.509 certificates vulnerability.
The remote host is affected by the vulnerability described in GLSA-200404-05 ipsec-tools contains an X.509 certificates vulnerability. racoon a utility in the ipsec-tools package does not verify digital signatures on Phase1 packets. This means that anybody holding the correct X.509 certificate...
GLSA-200404-17 : ipsec-tools and iputils contain a remote DoS vulnerability
The remote host is affected by the vulnerability described in GLSA-200404-17 ipsec-tools and iputils contain a remote DoS vulnerability When racoon receives an ISAKMP header, it allocates memory based on the length of the header field. Thus, an attacker may be able to cause a Denial of Services b...